DLP Myth #5: DLD is the same thing as DLP

Posted by | No Tags | Analysts · DLP False Positives · DLP Products · DLP Technologies · DLP Vendors · Fidelis · GTB Technologies | No Comments on DLP Myth #5: DLD is the same thing as DLP

It may surprise you to find that many DLP enforcement technology implementations are not even DLP–they’re DLD, data loss detection.  Too many companies forget that the “P” stands for prevention.  Blocking.  Frankly, it’s not really the end user’s fault, rather the responsibility of the vendors.  There are a couple critical elements at play in this discussion:

  • Inaccuracy often is the cause for failing to enable blocking.  If a vendor’s DLP technology does not prove accurate, to turn on blocking is far too risky for the end user.  This will impede normal business process.  Unfortunately, a DLP vendor is only as good as their capacity for accurate detection.  Keep in mind that not all DLP detection is create equal.  (We’ll discuss this topic in a later post).
  • Most DLP enforcement technologies are limited in what they can block:  SMTP, FTP, HTTP, HTTPS and other proxiable protocols.  This is true of the biggest names in DLP and is not something that’s commonly known among buyers of DLP technologies.  Since this is the case among most vendors,  analysts accept it as a limitation of DLP, and since the analysts help shape the expectations of the marketplace, most buyers accept the limitation (once they finally know about it).  The limitation lies in the core technologies of these vendors which depend on proxy devices to do the dirty work of blocking.  There are two vendors I’m aware of that have the ability to block all protocols and not just proxiable ones:  Fidelis Security Systems and GTB Technologies.  However, in my opinion, each have their own deficiencies in other areas that may cancel out the blocking benefit.  There is no perfect DLP enforcement technology (and we’ll discuss this in a later post also).

The bottom line is, as much as you may like to, you’ll likely not be able to block everything that needs to be.  However, if you choose a vendor with the right detection capabilities, it will go a long way toward being able to flip the switch to turn your data loss detection into true data loss prevention!

No Comments

Leave a comment